Isolated functions into reusable middleware
This commit is contained in:
parent
c3f82bb634
commit
c624effb0c
9 changed files with 107 additions and 80 deletions
38
server/middleware/checkKnownOrg.js
Normal file
38
server/middleware/checkKnownOrg.js
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
const { User, Organization } = require('../../models/index');
|
||||
|
||||
async function GetOrg(req, res, next) {
|
||||
const user = req.user;
|
||||
const orgID = req.params.orgID || req.query.orgID || req.body.orgID;
|
||||
|
||||
const verify = await Organization.findOne({
|
||||
where: { orgID: orgID },
|
||||
include: [
|
||||
{
|
||||
model: User,
|
||||
as: 'orgOwner',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
{
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (!verify) {
|
||||
return res.status(500).send('There is no organization with this id.');
|
||||
}
|
||||
|
||||
if (!verify.orgOwner && verify.orgMembers.length == 0) {
|
||||
return res
|
||||
.status(500)
|
||||
.send('You do not know any organizations with this id.');
|
||||
}
|
||||
|
||||
return next();
|
||||
}
|
||||
|
||||
module.exports = GetOrg;
|
||||
60
server/middleware/checkKnownUser.js
Normal file
60
server/middleware/checkKnownUser.js
Normal file
|
|
@ -0,0 +1,60 @@
|
|||
const { User, Organization } = require('../../models/index');
|
||||
|
||||
async function checkKnownUser(req, res, next) {
|
||||
const user = req.user;
|
||||
const userID = req.params.userID || req.query.userID || req.body.userID;
|
||||
|
||||
if (user.userID == userID) {
|
||||
return next();
|
||||
}
|
||||
|
||||
const result = await User.findOne({
|
||||
where: { userID: userID },
|
||||
include: [
|
||||
{
|
||||
model: Organization,
|
||||
as: 'ownedOrg',
|
||||
include: {
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
},
|
||||
{
|
||||
model: Organization,
|
||||
as: 'memberOrgs',
|
||||
include: [
|
||||
{
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
{
|
||||
model: User,
|
||||
as: 'orgOwner',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (!result) {
|
||||
return res.status(500).send('No user with that ID exists.');
|
||||
}
|
||||
|
||||
const filteredResult = result.memberOrgs.filter(
|
||||
(org) => org.orgMembers.length != 0 || org_owner
|
||||
);
|
||||
|
||||
if (filteredResult.length == 0 && result.ownedOrg.orgMembers.length == 0) {
|
||||
return res.status(403).send('You do not have contact with this user.');
|
||||
}
|
||||
|
||||
return next();
|
||||
}
|
||||
|
||||
module.exports = checkKnownUser;
|
||||
|
|
@ -9,53 +9,6 @@ async function GetUserDetails(req, res, next) {
|
|||
}
|
||||
|
||||
const result = await User.findOne({ where: { userID: userID } });
|
||||
|
||||
const check = await User.findOne({
|
||||
where: { userID: userID },
|
||||
include: [
|
||||
{
|
||||
model: Organization,
|
||||
as: 'memberOrgs',
|
||||
include: [
|
||||
{
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
{
|
||||
model: User,
|
||||
as: 'orgOwner',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
model: Organization,
|
||||
as: 'ownedOrg',
|
||||
include: {
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (!check) {
|
||||
return res.status(500).send('No user with that ID exists.');
|
||||
}
|
||||
|
||||
const filteredCheck = check.memberOrgs.filter(
|
||||
(org) => org.orgMembers.length != 0 || org_owner
|
||||
);
|
||||
|
||||
if (filteredCheck.length == 0 && check.ownedOrg.orgMembers.length == 0) {
|
||||
return res.status(403).send('You do not have contact with this user.');
|
||||
}
|
||||
|
||||
return res.send(result);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ var router = express.Router();
|
|||
|
||||
const basicAuth = require('../middleware/basicAuth');
|
||||
const tokenAuth = require('../middleware/tokenAuth');
|
||||
const checkKnownUser = require('../middleware/checkKnownUser');
|
||||
|
||||
const CreateUser = require('./auth/CreateUser');
|
||||
const UpdateUserDetails = require('./auth/UpdateUserDetails');
|
||||
|
|
@ -16,7 +17,7 @@ router.post('/register', CreateUser);
|
|||
router.patch('/update', tokenAuth, UpdateUserDetails);
|
||||
router.post('/login', basicAuth, Login);
|
||||
router.post('/logout', tokenAuth, Logout);
|
||||
router.get('/:userID', tokenAuth, GetUserDetails);
|
||||
router.get('/:userID', tokenAuth, checkKnownUser, GetUserDetails);
|
||||
router.get('/reset-password', RequestReset);
|
||||
router.patch('/reset-password/:id', ResetPassword);
|
||||
|
||||
|
|
|
|||
|
|
@ -2,19 +2,20 @@ var express = require('express');
|
|||
var router = express.Router();
|
||||
|
||||
const tokenAuth = require('../middleware/tokenAuth');
|
||||
const checkKnownUser = require('../middleware/checkKnownUser');
|
||||
|
||||
const CreateGroup = require('./group/CreateGroup');
|
||||
const DeleteGroup = require('./group/DeleteGroup');
|
||||
// const UpdateGroupDetails = require('./group/UpdateGroupDetails');
|
||||
// const GetGroup = require('./group/GetGroup');
|
||||
const AddGroupMember = require('./group/AddGroupMembers');
|
||||
const RemoveGroupMember = require('./group/RemoveGroupMember');
|
||||
// const AddGroupMember = require('./group/AddGroupMembers');
|
||||
// const RemoveGroupMember = require('./group/RemoveGroupMember');
|
||||
|
||||
router.post('/create', tokenAuth, CreateGroup);
|
||||
router.delete('/:groupID/delete', tokenAuth, DeleteGroup);
|
||||
// router.patch('/:groupID/update', tokenAuth, UpdateGroupDetails);
|
||||
// router.get('/:groupID', tokenAuth, GetGroup);
|
||||
// router.post('/:groupID/add', tokenAuth, AddGroupMember);
|
||||
// router.post('/:groupID/add', tokenAuth, checkKnownUser, AddGroupMember);
|
||||
// router.post('/:orgID/remove', tokenAuth, RemoveGroupMember);
|
||||
|
||||
module.exports = router;
|
||||
|
|
|
|||
|
|
@ -1,36 +1,9 @@
|
|||
const { User, Organization } = require('../../models/index');
|
||||
|
||||
async function GetOrg(req, res, next) {
|
||||
const user = req.user;
|
||||
const orgID = req.params.orgID;
|
||||
|
||||
const verify = await Organization.findOne({
|
||||
where: { orgID: orgID },
|
||||
include: [
|
||||
{
|
||||
model: User,
|
||||
as: 'orgOwner',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
{
|
||||
model: User,
|
||||
as: 'orgMembers',
|
||||
where: { userID: user.userID },
|
||||
required: false,
|
||||
},
|
||||
],
|
||||
});
|
||||
|
||||
if (!verify) {
|
||||
return res.status(500).send('There is no organization with this id.');
|
||||
}
|
||||
|
||||
if (!verify.orgOwner && verify.orgMembers.length == 0) {
|
||||
return res
|
||||
.status(500)
|
||||
.send('You do not know any organizations with this id.');
|
||||
}
|
||||
|
||||
const result = await Organization.findOne({
|
||||
where: { orgID: orgID },
|
||||
include: { model: User, as: 'orgMembers', required: false },
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ var express = require('express');
|
|||
var router = express.Router();
|
||||
|
||||
const tokenAuth = require('../middleware/tokenAuth');
|
||||
const checkKnownOrg = require('../middleware/checkKnownOrg');
|
||||
|
||||
const CreateOrg = require('./org/CreateOrg');
|
||||
const DeleteOrg = require('./org/DeleteOrg');
|
||||
|
|
@ -13,7 +14,7 @@ const RemoveOrgMember = require('./org/RemoveOrgMember');
|
|||
router.post('/create', tokenAuth, CreateOrg);
|
||||
router.delete('/delete', tokenAuth, DeleteOrg);
|
||||
router.patch('/update', tokenAuth, UpdateOrgDetails);
|
||||
router.get('/:orgID', tokenAuth, GetOrg);
|
||||
router.get('/:orgID', tokenAuth, checkKnownOrg, GetOrg);
|
||||
router.post('/:orgID/add', tokenAuth, AddOrgMember);
|
||||
router.post('/:orgID/delete', tokenAuth, RemoveOrgMember);
|
||||
|
||||
|
|
|
|||
Reference in a new issue